GeoMesa supports security on a per-feature level, which allows data to be
filtered on a granular level for different users. It is a more advanced tutorial;
you should already be familiar with the basics of GeoMesa and GeoServer. This tutorial
targets Accumulo - GeoMesa also supports HBase visibilities through the same mechanisms,
but the HBase configuration required is not covered here. See HBase Visibilities
for more information on HBase.

In this tutorial, you will learn how to:

Set visibilities on your features during ingestion into GeoMesa

Apply authorizations to your queries through GeoMesa

For information how to configure a secure environment that can leverage feature visibilities,
see GeoMesa Authorizations.

This tutorial operates by inserting and then querying several thousand features.
The features are inserted with visibility labels, and then queried with two different users
to show how authorizations work.

The source code is meant to be accessible for this tutorial. The main logic is contained in
org.geomesa.example.accumulo.vis.FeatureLevelVisibilityTutoriall in the
geomesa-tutorials-accumulo/geomesa-tutorials-accumulo-feature-level-vis module. Some relevant methods are:

SimpleFeaturefeature=features.get(i);Stringvisibilities;if(i%2==0){visibilities="admin";}else{visibilities="user|admin";}// set the visibility as user data in the featureSecurityUtils.setFeatureVisibility(feature,visibilities);// also set as an attribute for visualizationfeature.setAttribute("visibility",visibilities);

This code snippet shows how you can specify the visibilities for each feature.
SecurityUtils.setFeatureVisibility sets the visibilities string as user data in the feature.
When writing to Accumulo, GeoMesa will use that user data to apply the appropriate Accumulo visibility
string to the record.

Half the data is marked as admin, which means only a user with that authorization can view it. The
other half is marked as user|admin, which means that both admin authorizations and user authorizations are
sufficient to view the data. Unless users are explicitly granted permissions to read features with that level of
authorization, we cannot visualize the data in a meaningful way. Next we will add new Accumulo users to do just
that.

With these new users added, we’re going to give them the proper
authorizations with the setauths command:

> setauths -s admin,user -u admin
> setauths -s user -u user

This will grant authorizations admin,user to admin, meaning as
the user admin, one will be able to read both features written with
the visibility user and features written with the visibility
admin. Additionally, the user user will be granted user
authorizations, meaning they can only view features of visibility
user. They will never see features written with the visibility
admin.

Next we’ll grant permissions to the read the appropriate tables to
user and admin. Replace <table> in the following command with
the table you specified when running the tutorial code.

Assuming you have already set up GeoServer as described in the GeoMesa
User Manual, we’re going to add a new DataStore to GeoServer. First,
login to GeoServer, and then click “Add stores” from the homepage.

Next, click the link to add a new “Accumulo (GeoMesa)” store and name it
feature-level-visibility-admin. Fill in the correct connection
parameters to make contact with GeoMesa/Accumulo, but be sure to use
admin for the “user” parameter.

GeoMesa DataStore configuration with “admin” user

Then, publish your layer when prompted by GeoServer. Remember to click
the “Compute from data” and “Compute from native bounds” links on the
“Add Layer” page, and click “Save”.

Repeat the above steps one more time to add an additional DataStore
with the same parameters, but this time, name it
feature-level-visibility-user and use user for the “user”
parameter.

With your layers added in GeoServer, we’re nearly ready to visualize the
data. One final step is adding our custom SLD that will style your
features to make visualizations of the data even easier to understand.

Download feature-level-vis.sld,
or copy the contents, and add it as a Style in GeoServer. It will style the points on
a map based on the visibility attribute present.

Lastly, click on “Layer Preview” in the left hand sidebar and find your
two newly added layers. If everything went correctly, you should see
fewer results returning in the user layer than in the admin
layer, and this is expected behavior. Because user has only been
granted permission to view features with the user visibility, only
that half of the records are returned. However, the admin user is granted
permission to see both admin and user visibilities.

In this very simple example, you wrote features of two different
visibilities, added two new users to Accumulo, and granted them separate
authorization levels to be able to view portions of the data. This
tutorial has real-world use cases in security and data integrity. For
example, when storing sensitive data and having users of varying
authorization and security levels querying that data, visibility labels
ensure that sensitive data is not leaked to a user of a lower level of
security.

The concept of feature level visibility can be extended and modified to
have many more, or only a few, visibility levels. And with GeoServer
being flexible and extensible, writing a module to consider feature
level security in GeoServer is relatively painless.